Any Reports on Effectiveness of HIPS in PCTools Firewall

Discussion in 'other firewalls' started by chinook9, Mar 9, 2010.

Thread Status:
Not open for further replies.
  1. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439
    I am repairing/building a PC today and haven't decided on the security package. I have tried most applications and read a lot about most but I haven't run into much about the HIPS in PCTools Firewall Plus. Any information or links would be appreciated.

    I would also be interested in knowing if the PrivateFirewall/HIPS combination is as light and effective as the PCTools Firewall Plus.
     
  2. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,188
    Location:
    USA
    Private FW is much lighter, but PC Tools has 100% in Matousecs test which tests HIPs detection where as Private FW does not. Private FW rumors of HIPs not working in x64, but it did for me on Win7x64 Pro.
     
  3. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    obviously diff on diff systems (eg. mine) but i dont know of any dedicated articles about it, maybe someone with more info will post.
     
  4. Watasha

    Watasha Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    233
    Location:
    United States
    I have heard it joked that Matousec's test should be renamed "HIPS Challenge" so if that's the case, they must be okay. I used PCTools FW before I went to Comodo and I liked it alright. It was quiet and I like a bit more feedback.
     
  5. country2

    country2 Registered Member

    Joined:
    Sep 13, 2008
    Posts:
    169
    Don't "think" it is a rumor on hips with PFW and W7 64bit. I installed it the other day just to check it and never did get a single popup. Don't know why...
     
  6. bollity

    bollity Registered Member

    Joined:
    May 9, 2009
    Posts:
    179
    hips in pc tools is the "enhanced security verfication".so you have to enable it to see popup.
     
  7. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    You already asked that..
    https://www.wilderssecurity.com/showthread.php?t=267258
     
  8. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439
    Thank you all for you input. I didn't really find out much about the PCTools Firewall HIPS and so I was not really sold on using it. I decided to go ahead and give PrivateFirewall a try. It has many users who are sold on it and its HIPS appears to work well.
     
  9. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    PCTools has an excellent HIPS. It also runs lite. Private firewall runs lighter yet. It has a huge memory leak that has existed for an awfully long time I do not notice that it has any Hips at all. When it does alert the alerts are so confusing that you don't know what to do. I am not sure its an effective firewall. Combinng PC Tools firewall with threatfire an effective Antivirus in my opinion is a much better idea.
     
  10. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439
    I Sandbox everything I run so I'm not really that concerned about security, but I do appreciate the input. I can always change my protection. I use ZSoft Uninstaller so I expect that most uninstalls would be troublefree.
     
  11. leofelix

    leofelix Registered Member

    Joined:
    Sep 6, 2009
    Posts:
    171
    Location:
    Italy
    As far as know PC Tools Firewall Plus doesn't have a HIPS built in, even if it warns when some programs are trying to made system changes or are acting like keyloggers.
    I can be wrong of course

    The HIPS developed by PC Tools is ThreatFire™, even if they states it is an antivirus it doesn't work like a traditional antivirus.
    ThreatFire™ can scan for rootkits either way.
     
  12. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,188
    Location:
    USA
    PC Tools FW Plus has HIPs. Thats why it scores 100% in Matousecs "Proactive" tests.
     
  13. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    PCT FW HIPS is called Enhanced Security Verification and u can see it in the options (not sure if its enabled by default)
     
  14. leofelix

    leofelix Registered Member

    Joined:
    Sep 6, 2009
    Posts:
    171
    Location:
    Italy
    Thank you:)

    Glad to know it,
    since I use PC Tools Personal Plus v 6.0.0.88.
    However I could'nt find any explicit mention of an HIPS here...


    I have always thought that a HIPS is mainly a behavioral protection, very effective against zero-day exploits/malware

    So, can someone tell me what PC Tools ThreatFire is?:doubt:

    [EDIT to add] I've found by myself the answer: ThreatFire is a behavioral blocker, quite different from a Host based Intrusion Detection System



    Yes I'm aware of Enhanced Security Verification, and I enabled it on my Windows XP/Vista/7 32 bit machines (it is not available on Windows Vista/7 64 bit).

    Thank you again
     
    Last edited: Mar 13, 2010
  15. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    well not mainly, but it does include that. HIPS can be several things, a behavior blocker is a type of HIPS, the HIPS most people think of tho is the Classical HIPS (which alerts basically to everything u do)
     
  16. Woody777

    Woody777 Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    484
    The fabled test by Matousic was a firewall test & not a HIPS. Unfortunately if a firewall does not have great HIPS there are any number of ways for malware to breach it. Adding HIPS allows firewalls to ask you if you want to allow an event. Threatfire is a behavior analyzer that looks at what is going on & if some application suddenly acts lilke its doing virus type activity it asks what you want to do. The two are in fact similar but threatfire asks fewer questions
     
  17. leofelix

    leofelix Registered Member

    Joined:
    Sep 6, 2009
    Posts:
    171
    Location:
    Italy
    Thank you Woody777 and Firzen771 for your replies.

    Now I've got my ideas straight:)
     
  18. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,188
    Location:
    USA
    The Matousec test was labeled as a firewall test, but it is infact a test of a firewalls ability for HIPs detections. If your FW doesnt have HIPs or has a bad HIPs it doesnt do well.
     
Loading...
Thread Status:
Not open for further replies.